FW: Winbind and pam.conf on Solaris 2.6
Dean Ward
WardD at TheWineSociety.com
Wed Jan 31 16:14:03 GMT 2001
Hi all,
I have made the following changes to the pam.conf installed on our test
machine at the moment. As I said before I don't have access to the machine
(not currently on site) until early Feb, so could somebody just confirm that
the following changes will work on Solaris 2.6, please?
-- START /etc/pam.conf --
#ident "@(#)pam.conf 1.19 95/11/30 SMI"
#
# PAM configuration
#
# Authentication management
# NT authorisation is sufficient to logon to this machine
#
login auth sufficient /usr/lib/security/pam_winbind.so
login auth required /usr/lib/security/pam_unix.so.1 try_first_pass
login auth required /usr/lib/security/pam_dial_auth.so.1 try_first_pass
#
rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1
rlogin auth sufficient /usr/lib/security/pam_winbind.so
rlogin auth required /usr/lib/security/pam_unix.so.1 try_first_pass
#
dtlogin auth sufficient /usr/lib/security/pam_winbind.so
dtlogin auth required /usr/lib/security/pam_unix.so.1 try_first_pass
#
rsh auth required /usr/lib/security/pam_rhosts_auth.so.1
other auth sufficient /usr/lib/security/pam_winbind.so
other auth required /usr/lib/security/pam_unix.so.1 try_first_pass
#
# Account management
#
login account sufficient /usr/lib/security/pam_winbind.so
login account required /usr/lib/security/pam_unix.so.1
dtlogin account sufficient /usr/lib/security/pam_winbind.so
dtlogin account required /usr/lib/security/pam_unix.so.1
#
other account sufficient /usr/lib/security/pam_winbind.so
other account required /usr/lib/security/pam_unix.so.1
#
# Session management
#
other session required /usr/lib/security/pam_unix.so.1
#
# Password management
#
other password sufficient /usr/lib/security/pam_winbind.so
other password required /usr/lib/security/pam_unix.so.1
-- END pam.conf --
Regards,
Dean Ward
> -----Original Message-----
> From: Dean Ward
> Sent: 28 January 2001 04:33
> To: 'samba-ntdom at lists.samba.org'
> Subject: Winbind and pam.conf on Solaris 2.6
>
> Hi,
>
> I looking into implementing Winbind on a Solaris 2.6 system to
authenticate against our NT domain. However I have a couple of questions
regarding its setup and configuration. Firstly, could somebody please give a
complete example of how the /etc/pam.conf should look on Solaris 2.6 - I'm a
little troubled by the account line that the man page gives, i.e. that the
only account line required is that for Winbind - surely this would disable
Unix account management? Also, does Winbind provide password management too,
so that our users can change their NT passwords from a Unix shell? Finally,
when logging on would a user have to specify the domain (e.g. DOMAIN\Dean)
or could they just use their user name (i.e. Dean)?
>
> I apologise for all the questions, it's just I don't have access to the
box until early February and I'd like to get it clear in my head what needs
doing before I do it.
>
> Regards,
>
> Dean Ward
>
> --
> \\\___///
> \\ - - //
> ( @ @ )
> +---------------oOOo-(_)-oOOo-------------+
> | Dean Ward |
> | Info Systems |
> | The Wine Society |
> | |
> | E-Mail: wardd at thewinesociety.com |
> | Phone: 01438 761294 |
> +------------------------Oooo-------------+
> oooO ( )
> ( ) ) /
> \ ( (_/
> \_)
>
> "There are two major products to come out of Berkeley: LSD and UNIX. We
don't believe this to be a coincidence." - Jeremy S. Anderson.
>
More information about the samba-ntdom
mailing list